package com.fzn;

import com.fzn.realm.CustomerMD5Realm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.Arrays;

/**
 * @author fzn
 * @date 2022/3/18
 * @apiNote
 *  使用自定义Realm
 */
public class TestCustomerMD5RealmAuthenticator {
    public static void main(String[] args) {
        // 创建securityManger
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        // 注入realm
        CustomerMD5Realm realm = new CustomerMD5Realm();
        // 设置realm使用hash凭证匹配器
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("md5");
        // 散列的次数 hash
        credentialsMatcher.setHashIterations(1024);
        realm.setCredentialsMatcher(credentialsMatcher);
        // 设置自定义realm
        defaultSecurityManager.setRealm(realm);
        // 将安全工具类设置安全管理器
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        // 通过安全工具类获取subject
        Subject subject = SecurityUtils.getSubject();
        // 创建token
        UsernamePasswordToken token = new UsernamePasswordToken("xiaochen","123");
        try {
            // 用户登录
            subject.login(token);
            System.out.println("登录成功  认证状态："+subject.isAuthenticated());
        }catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误 认证状态："+subject.isAuthenticated());
        }catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            System.out.println("密码错误 认证状态："+subject.isAuthenticated());
        }

        // 认证的用户进行授权
        if (subject.isAuthenticated()) {
            // 1. 基于角色的权限控制
            System.out.println(subject.hasRole("users"));
            // 2.基于多角色的权限控制
            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "users")));
            // 3.是否具有其中一个角色
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin", "users", "super"));
            for (boolean aBoolean : booleans) {
                System.out.println(aBoolean);
            }
            System.out.println("====================");
            // 基于权限字符串的访问控制 资源表示符：操作：资源类型
            System.out.println("权限："+subject.isPermitted("user:update:01"));
            System.out.println("权限："+subject.isPermitted("product:create:02"));

            // 分别具有哪些权限
            boolean[] permitted = subject.isPermitted("user:*:01", "order:*:10");
            for (boolean b : permitted) {
                System.out.println(b);
            }

            // 同时具有哪些权限
            boolean permittedAll = subject.isPermittedAll("user:*:01", "product:create:01");
            System.out.println(permittedAll);

        }
    }
}
